Make your PIN code more secure using three unique numbers

With half of the adults in America now owning some sort of smartphone that has access to personal information, hackers are using some simple methods to discover the PIN numbers used to unlock devices. Instead of using high-tech equipment to run an attack, they are simply looking to see where the fingerprint smudges are in relation to the phone’s keypad, then entering the different permutations of the four numbers until they hit on the right one. However, by using an equally as simple method suggested by security expert, Karl Sigler, you can make it harder for someone trying to steal your information from a misplaced or stolen device. In a classic example of the phrase “less is more”, by using only three unique numbers in your PIN you actually make it more secure than by using four. Here’s why…

Most PIN numbers use a four digits. If a hacker was to try a brute-force method (using software to try every possible combination) of attack to try to figure out your pin, it would take a long amount of time as there are over 10,000 different possible combinations the number could be. For a person trying to break into a system quickly before it gets remote wiped, this is an unacceptable amount. However, by looking at the fingerprints on the touchscreen an attacker can narrow the 10,000 combinations down to just 24. As mentioned above, the smudges narrow down exactly which four digits are in the PIN making it much easier to crack. This is where Sigler’s suggested method comes in to help make your PIN more secure.

Pictured above is an iPhone that has a PIN using Sigler’s suggested method (you can tell by the smudges). By using three unique numbers, the user has made their PIN 50% more secure. Because a user is repeating a number, there should be one less smudge on the screen, which takes away a piece of vital information from a potential hacker. While still not a great situation, instead of 24 possible combinations, there are now 36. The time it takes to run through twelve more permutations could be enough for a person to realize their phone is gone and initiate a remote wipe. Or if there is a attempt limit in place it’s more likely that the limit will be reached and the phone will be automatically wiped before it is unlocked.

Of course, the easiest method of all could be to simply clean your screen regularly taking away all traces of smudging.